Release Notes - Sep 2021
  • 3 Minutes to read
  • PDF

Release Notes - Sep 2021

  • PDF

1. SAFE Score for Technology: Outside-in Assessment

1.1. Real-time technology score - Outside-in Assessment

SAFE has been enhanced to provide the real-time Outside-in SAFE Score. Now, for any changes to the company profile and addition or deletion of assets (IP address or domain), the system auto-triggers the assessment and updates the Outside-in SAFE Score. The system notifies users for the initiation of a new assessment and the assessment in progress.

1.2. Outside-in score trend

We have added the Outside-in score timeline on the Outside-in assessment dashboard to display the scoring trend over a period of time. You can select a timeframe from the options, 1Year, 3 Months, 1 Month, and 1 Week. 

1.3. Outside-in score on SAFE Report

We have also added the Outside-in score to the Outside-in Assessment report. 

2. Handling exceptions in Technology Outside-in made easy

SAFE now allows users to handle the exceptions for the outside-in assessment in SAFE by adding or deleting the IP address and domains manually. This feature helps you eliminate the encountered false positives and reduce the impact on your SAFE score. 

Users can add the assets (IP address and domains) by clicking the Add Asset button available at the Digital Footprint section for First-party and Third-party to handle any false negatives.

Any change in Digitial Footprint needs review and approval from the SAFE team, done within 48 hours.

3. Enhancements in People

3.1. Get your Content live on SAFE Me

With this release, SAFE Me allows the addition of custom courses to the course library of an organization. Contact the SAFE Me support team to publish your video content on SAFE Me to assign it to your organization’s users.

3.2. Yet another platform supported for SSO - On-Prem AD 

In addition to supporting SSO via Azure AD, G Suite, and Okta, this release also allows users to sign in to SAFE Me with SSO using their On-Prem AD credentials.

Note: On-Prem AD is currently only supported via ADFS because the SSO implementation uses SAML 2.0, not LDAP.

3.3. Quickly create user groups using filters - People

We had added filters for the user list available under User Group and Phishing. Now you can quickly filter the user list by Department, Location, Score range, and Status (available for Phishing) and select the users to create a user group for a targeted cyber awareness campaign.

Furthermore, you can view the user groups' details by clicking the user group for the list. The details include name, user count, type, applied filters, group score, and the user list.

3.4. Higher batch limit for CSV upload

  • The user records limit for bulk uploading users has been increased from 5K to 30K users per CSV file.
  • The user records limit for uploading the phishing campaign result file has been increased from 5K to 22K.

Furthermore,  SAFE can display up to 30 errors together during bulk user upload or Phishing result upload.

4. Filters in Third-party list and ATT&CK Matrix

In addition to the filters in People, we have also added filters for the control list on the ATT&CK Matrix and Third-party list. Now, you can filter the controls and third parties to get the required list in a few clicks.

5. Configuration Assessment support for new Asset Types

With this release, users can now onboard and perform configuration assessments of the following new asset types:

  • Tomcat 7
  • Tomcat 8
  • macOS Monterey

6. Miscellaneous

  • The loading time for the Technology Inside-out dashboard has been reduced to less than 3 seconds.
  • SAFE now allows you to export the third-party assessment list and export the control gaps in CSV format.
  • SAFE Admin portal now allows you to create a request for the new deployment. Users can click the New Request button and add a request.
  • A new Site Coordinator installation directory is updated to reflect the name as "safe-security" for new installations. However, all the past installations of the Site coordinators will continue to function as is.
  • The security posture of SAFE is being continuously improved with vulnerability assessments via CI/CD security pipelines with the integration of tools like Veracode, Truffelhog, Trivy, and Security Hub.
  • Network Discovery and Rapid7 integrations have been removed from SAFE as it is not supported for SAFE on Cloud.

Was this article helpful?